feat(signer): add support for more CL keystore formats (#189)

* Add support for Teku keystore format

* WIP: Add prysm keystore support

* Refactor Prysm loader

* Fix clippy and format

* Add Lodestar support

* Improve error handling

* Update docs

* Move dependencies to root Cargo.toml

* Update example config with new format field

* Use lowercase for ValidatorKeyFormat Serialization

* Remove unnecessary dependency

* Update docs

* Remove unnecessary docker env var

* Add tests for loaders

* Replace serde rename with alias

* Fix format

Author: ManuelBilbao

Cargo.lock

@@ -55,6 +55,8 @@ toml = "0.8.13"
 serde = { version = "1.0.202", features = ["derive"] }
 serde_json = "1.0.117"
 serde_yaml = "0.9.33"
+base64 = "0.22.1"
+unicode-normalization = "0.1.24"
 
 # telemetry
 tracing = "0.1.40"
@@ -68,6 +70,11 @@ tree_hash = "0.8"
 tree_hash_derive = "0.8"
 eth2_keystore = { git = "https://github.com/sigp/lighthouse", rev = "9e12c21f268c80a3f002ae0ca27477f9f512eb6f" }
 k256 = "0.13"
+aes = "0.8"
+ctr = "0.9.2"
+cipher = "0.4"
+pbkdf2 = "0.12.2"
+sha2 = "0.10.8"
 
 # docker
 docker-compose-types = "0.12.0"

Cargo.toml

@@ -131,13 +131,23 @@ headers = { X-MyCustomHeader = "ADifferentCustomValue" }
 docker_image = "ghcr.io/commit-boost/signer:latest"
 # Configuration for how the Signer module should load validator keys. Currently two types of loaders are supported:
 #   - File: load keys from a plain text file (unsafe, use only for testing purposes)
-#   - ValidatorsDir: load keys from a `keys` and `secrets` folder (ERC-2335 style keystores as used in Lighthouse)
+#   - ValidatorsDir: load keys from a `keys` and `secrets` file/folder (ERC-2335 style keystores). More details can be found in the docs (https://commit-boost.github.io/commit-boost-client/get_started/configuration/)
 [signer.loader]
 # File: path to the keys file
 key_path = "./keys.example.json"
-# ValidatorsDir: path to the keys directory
+# ValidatorsDir: format of the keystore (lighthouse, prysm, teku or lodestar)
+# format = "lighthouse"
+# ValidatorsDir: full path to the keys directory
+# For lighthouse, it's de path to the directory where the `<pubkey>/voting-keystore.json` directories are located.
+# For prysm, it's the path to the `all-accounts.keystore.json` file.
+# For teku, it's the path to the directory where all `<pubkey>.json` files are located.
+# For lodestar, it's the path to the directory where all `<pubkey>.json` files are located.
 # keys_path = ""
-# ValidatorsDir: path to the secrets directory
+# ValidatorsDir: full path to the secrets file/directory
+# For lighthouse, it's de path to the directory where the `<pubkey>.json` files are located.
+# For prysm, it's the path to the file containing the wallet decryption password.
+# For teku, it's the path to the directory where all `<pubkey>.txt` files are located.
+# For lodestar, it's the path to the file containing the decryption password.
 # secrets_path = ""
 # Configuration for how the Signer module should store proxy delegations. Currently one type of store is supported:
 #   - File: store keys and delegations from a plain text file (unsafe, use only for testing purposes)

config.example.toml

@@ -329,7 +329,7 @@ pub fn handle_docker_init(config_path: String, output_dir: String) -> Result<()>
                     let (k, v) = get_env_val(SIGNER_KEYS_ENV, SIGNER_DEFAULT);
                     signer_envs.insert(k, v);
                 }
-                SignerLoader::ValidatorsDir { keys_path, secrets_path } => {
+                SignerLoader::ValidatorsDir { keys_path, secrets_path, format: _ } => {
                     volumes.push(Volumes::Simple(format!(
                         "{}:{}:ro",
                         keys_path.display(),

crates/cli/src/docker_init.rs

@@ -35,6 +35,11 @@ tree_hash.workspace = true
 tree_hash_derive.workspace = true
 eth2_keystore.workspace = true
 k256.workspace = true
+aes.workspace = true
+ctr.workspace = true
+cipher.workspace = true
+pbkdf2.workspace = true
+sha2.workspace = true
 
 # misc
 thiserror.workspace = true
@@ -43,3 +48,6 @@ url.workspace = true
 rand.workspace = true
 bimap.workspace = true
 derive_more.workspace = true
+
+unicode-normalization.workspace = true
+base64.workspace = true